The -S argument of check_http can take a number, which forces the connection to
use a specific SSL version. This is implemented as multiple options because
check_http does not accept the number following -S if they are separated.
fixes #10358
Signed-off-by: Michael Friedrich <michael.friedrich@netways.de>
http_uri | **Optional.** The request URI.
http_port | **Optional.** The TCP port. Defaults to 80 when not using SSL, 443 otherwise.
http_ssl | **Optional.** Whether to use SSL. Defaults to false.
+http_ssl_force_tlsv1 | **Optional.** Whether to force TLSv1.
+http_ssl_force_sslv2 | **Optional.** Whether to force SSLv2.
+http_ssl_force_sslv3 | **Optional.** Whether to force SSLv3.
http_sni | **Optional.** Whether to use SNI. Defaults to false.
http_auth_pair | **Optional.** Add 'username:password' authorization pair.
http_proxy_auth_pair | **Optional.** Add 'username:password' authorization pair for proxy.
"-S" = {
set_if = "$http_ssl$"
}
+ "-S1" = {
+ set_if = "$http_ssl_force_tlsv1$"
+ }
+ "-S2" = {
+ set_if = "$http_ssl_force_sslv2$"
+ }
+ "-S3" = {
+ set_if = "$http_ssl_force_sslv3$"
+ }
"--sni" = {
set_if = "$http_sni$"
}
projects / icinga2 / commitdiff